Security and Your Google Linked Accounts

Security best practices are all about striking a balance between easily getting to your work and data and preventing others from being able to do the same. When it comes to determining the ideal balance for you, knowledge is key. This article details how to review what apps have access to your accounts using Google as an example.

April 30, 2019
Valiant Technology
3 min

The balance of convenience and security

One potential security vulnerability that users often overlook is what information your apps have access to. Have you ever signed up for an app or a website by selecting “connect with Google” or “connect with Facebook”? This is a very convenient way to not have to create a new password for every new service you sign up for. However, people will often sign up for these applications, allow access to their profiles, and then forget about them. Meanwhile, apps that have gone the way of fidget spinners are often less locked down than Facebook and Google themselves. This can leave your important data exposed.

That does not mean you can never use this option to sign up, and there is an argument for consolidating your logins so you don’t have to rely on memory, or worse, an unsecured document to remember hundreds of passwords. More on that in our blog post: https://thevaliantway.com/2017/11/passwords-without-sticky-notes/. What is recommended is checking out what apps you have connected and cleaning that up on a regular basis. Below, we focus specifically on identifying and revoking access to your Google account.

How to check your Google connected apps

Start by logging into your Gsuite account on any Google page (google.com, Gmail, etc.) In the upper right-hand corner, there is an icon that makes a 3X3 grid next to an icon of either your initials or your picture. Click this and then click the big blue “Google Account” button to access the account settings.

Login as you normally would, and look for the account options page.

There are two ways to access the next step. We will cover the most direct way in this tutorial. (The other way is to click review your privacy settings and go through their prompts.)

This displays your account settings, with several topics on the left including security.

On the left-hand column, select “Security”. This will bring you to the comprehensive security settings page. Scroll down until you find the section with Third-party apps with account access. This is usually on the same line as “your devices”.

This shows a brief overview, but click the link at the bottom to view more and edit permissions.

Follow the “manage third-party access” link. This page will show you third-party apps with account access and apps the use google to sign in.

You can view the various applications that use Google for sign in and/or have access to parts of your account.

Click on any application to get more details about what information is shared and how these apps can make changes to your account.

Review the history of the app, the extent of its access, and the option to remove access.

For any application that you want to revoke access to, just click the remove access button.

Check your other apps

Repeat this with your Facebook, and other social media and productivity applications. You can follow our guide on reviewing your Facebook applications, Security and Your Facebook Linked Accounts. Both Facebook and Google will occasionally prompt you to review your security settings. Don’t dismiss this prompt, and take a look next time it comes up. You may be surprised at what you find, and who can find you.